Splunk Enterprise

Could not use/find/uninstall splunk, but was saying it was using the drive.

michaelp
New Member

Using windows 10, I installed splunk onto the drive folder itself (not the drive where windows was installed) and then I wasn't able to access the drive. Properties showed it had 0 storage and the default name of the drive in "My PC" was NFTS drive or something. Could not find the uninstall button in the apps settings, nor could I find any services related to splunk in windows services or task manager. I couldn't use the splunk application itself either. Couln't find a splunk folder in C drive either.

I tried to run: chkdsk X: /f /r in CMD and I got the error "Chkdsk cannot dismount the volume because it is a system drive or there is an active paging file on it". I couldn't format the drive because it said it was in use.

I ended up booting safe mode and formatted the drive there which has solved all my issues, but anyone know what the issue was?

Labels (1)
0 Karma

marnall
Motivator

It is hard to say. If you must know what happened, then you could try installing Splunk into the drive again after formatting the drive to the state it was before install, and then see if it creates the problem again.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...